North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DDOS attacks lately?

  • From: Mikael Abrahamsson
  • Date: Sun Aug 20 09:04:35 2000

On Sun, 20 Aug 2000, Shawn McMahon wrote:

> > ... or even better, we could all try to work together to take away the
> > attack tools from the kiddies. As long as they have the tool, they'll find
> > some reason to use it.
> Our focus should instead be on figuring out ways to make the user of the
> tool accountable, and implementing appropriate punishment for misuse.

In my world this is included in "taking their tool away", which also
include making an effort to discover when their tools are used somewhere
(the source) and make an effort to trace it all back to whoever is
controlling the tools and nail this person to the wall.
> Sometimes the tool is "ping".  Do you really want to eliminate it?

Of course not. But the question is if 10mbit of echo requests can be
descibed as "ping".
> Do you really think we *CAN* eliminate it?

We can never eliminate it, but we can make it harder to use and make an
effort to nail the ones abusing it.

A start would be to make it criminal negligence worldwide to operate a
network that can be abused even after several notices about this fact. If
you are a smurf amplifier and have been for quite some time after several
notices, you should be punished. If you have rooted machines on your
network that are used for DDOS attacks and you do nothing about it, you
should too be nailed to the wall.

Most of what is done is mostly temporary patches (access lists when an
attack is under way) which never solves the problem, just the immediate

Mikael Abrahamsson    email: [email protected]